package com.kejizhentan.controller;

import com.kejizhentan.service.IProductService;
import com.kejizhetan.bean.Product;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

import javax.annotation.security.RolesAllowed;
import java.util.List;
/**
 * @Auther: kejizhentan
 * @Date 2022/3/5 13:37
 * @Description: 产品的相关接口
 */
@Controller
@RequestMapping("/product")
public class ProductController {
    @Autowired
    private IProductService productService;
    /**
     * @descrition 查询所有产品
     * @param:
     * @return: ModelAndView
     * @auther: kejizhentan
     * @date: 2022/3/5 13:33
     */
    @RequestMapping("/findAll.do")
    @PreAuthorize("hasRole('ROLE_ADMIN')")//表示只有角色是ROLE_ADMIN的用户才能进行产品查询操作
    public ModelAndView findAll() throws Exception {
        ModelAndView mv = new ModelAndView();
        List<Product> ps = productService.findAll();
        mv.addObject("productList",ps);
        mv.setViewName("product-list");
        return mv;
    }

    /**
     * @descrition：产品保存
     * @param: Product
     * @return:  String
     * @auther: kejizhentan
     * @date: 2022/3/5 13:47
     */
    @RequestMapping("/save.do")
    @PreAuthorize("authentication.principal.username=='Tom'")//表示用户名叫Tom的用户才能进行产品保存操作
    public String save(Product product) throws Exception {
        productService.save(product);
        return "redirect:findAll.do";
    }
}
